Message sender security in messaging system

ABSTRACT

Some embodiments include a method of providing security and privacy for a message sender. The method can include a messaging application determining that a messaging interface of the computing device is active and is revealing or about to reveal the electronic message. The messaging application can identify a recipient account of a messaging server system that is associated with the electronic message according to the electronic message or the messaging server system. The messaging application can then monitor a data feed from a sensor of the computing device to detect a biometric pattern that matches against a biometric profile model associated with the recipient account utilizing a biometric recognition process. In response to determining that the detected biometric pattern does not match the biometric profile model associated with the recipient account, the messaging application can activate a privacy shield to prevent content of the electronic message from being revealed.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application claims the benefit of U.S. patent application Ser. No.14/643,800, entitled “MESSAGE SENDER SECURITY IN MESSAGING SYSTEM,”which was filed Mar. 10, 2015 and was issued at U.S. Pat. No. 9,817,960on Nov. 14, 2017, which claimed priority to U.S. Provisional PatentApplication No. 61/950,423, entitled “BIOMETRIC FOR MOBILE ACCESS,”which was filed on Mar. 10, 2014; U.S. Provisional Patent ApplicationNo. 61/985,059, entitled “USE OF BIOMETRIC FOR ACCESS TO DATA DEVICE ANDASSOCIATED SOLUTIONS FOR DIFFICULT BIOMETRIC READING SCENARIOS,” whichwas filed on Apr. 28, 2014; and U.S. Provisional Patent Application No.62/042,561, entitled “MESSAGE SENDER SECURITY IN MESSAGING SYSTEM,”which was filed on Aug. 27, 2014; which are all incorporated byreference herein in their entireties.

RELATED FIELD

At least one embodiment of this disclosure relates generally to anelectronic messaging system, and in particular to privacy and securityof an electronic messaging system.

BACKGROUND

With the wide availability of mobile devices, in some areas/cultures,electronic messaging is becoming an integral part of a person's life.Because of this, privacy and security concerns arise over the use ofsuch systems. Conventional technology protects against privacyviolations by providing a screen lock on a mobile device whenever themobile device is not used. An authorized user can unlock the screen bytyping in a passcode into the mobile device. However, the passcode isknowledge that is transferable, and hence may be stolen. Furthermore,the screen lock prevents access to other applications on the mobiledevice, making it unnecessarily inconvenient. Other solutions protectsagainst violation by scheduling the destruction of a message to ensurethat content therein does not survive indefinitely.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a diagram illustrating a messaging application of a mobiledevice revealing content of a message when a facial profile associatedwith a recipient account is recognized, in accordance with variousembodiments.

FIG. 1B is a diagram illustrating a messaging application of a mobiledevice hiding content of a message when a facial profile associated witha recipient account is not detected, in accordance with variousembodiments.

FIG. 1C is a diagram illustrating a messaging application of a mobiledevice hiding content of a message when a facial profile associated witha recipient account is detected and a second unauthorized facial profileis detected, in accordance with various embodiments.

FIG. 2 is a block diagram of a system environment of a messaging systemimplementing a biometric security mechanism, in accordance with variousembodiments.

FIG. 3A is a flow chart of a method of operating a messaging applicationon a mobile device to register a user account on a messaging serversystem, in accordance with various embodiments.

FIG. 3B is a flow chart of a method of operating a messaging applicationon a computing device to send a message, in accordance with variousembodiments.

FIG. 3C is a flow chart of a method of operating a messaging applicationon a computing device to access a message, in accordance with variousembodiments.

FIG. 4 is a block diagram of an example of a computing device, which mayrepresent one or more computing device or server described herein, inaccordance with various embodiments.

The figures depict various embodiments of this disclosure for purposesof illustration only. One skilled in the art will readily recognize fromthe following discussion that alternative embodiments of the structuresand methods illustrated herein may be employed without departing fromthe principles of the invention described herein.

DETAILED DESCRIPTION

Several embodiments pertain to protecting messages through a messagingsystem having a biometric security mechanism. The messaging systemincludes a message server system comprising one or more computer serversand messaging applications running on end-user devices. The end-userdevices, for example, can include a desktop computer, a smart phone, atablet, a wearable device, a gaming console, a smart TV, otherelectronic gadget, or any combination thereof. The messagingapplications act as independent agents for the messaging system. Forexample, a messaging application may be installed on a general-purposeoperating system (e.g., Windows, android, iOS, etc.). The messagingapplication can also be implemented by client-side script (e.g.,JavaScript or Flash™) that may be executed on a web browser of theend-user devices.

The biometric security mechanism can be implemented via the messagingapplication. Unlike the conventional security mechanism that onlyprotects privacy of the user of the recipient user device, the disclosedbiometric security mechanism also protects the privacy and security ofthe sender of the message. This enables a new paradigm of protection forstakeholders (e.g., the message senders), who are conventionallyhopelessly dependent on the message recipients to protect theirinterests.

The biometric security mechanism implements a biometric recognitionprocess to verify one or more identities as authorized by the messagesenders. For example, the biometric recognition process may be based onfacial recognition, ear recognition, silhouette recognition, speakerrecognition, fingerprint recognition, device motion pattern recognition,tactile contact pattern recognition, etc. The biometric securitymechanism can detect biometric patterns utilizing a sensor, such as acamera, a microphone, an accelerometer, a touch sensor, a gyroscope,other inertial sensor(s), other optical or radiofrequency (RF)sensor(s,) etc. In some embodiments, the biometric patterns are matchedagainst one or more profile models authorized by the message sender. Insome embodiments, the biometric security mechanism can profile thebiometric patterns of one or more users into one or more profile modelsutilizing machine learning algorithms, such as support vector machines,Gaussian mixture models, hidden Markov models, etc. This profiling canoccur passively during the registration of a messaging system accountand/or thereafter when the messaging system account is engaged with themessaging application. Based on the profiles of the users, the biometricsecurity mechanism can recognize a user in real-time by matching thebiometric pattern detected by a sensor through the profile model.

The biometric security mechanism is instantiated whenever the messaginginterface of the message application is actively opened and running onan end-user device. The biometric security mechanism utilizes one ormore types of biometric recognition processes to determine whether thepeople who have access to the end-user device (e.g., looking at thescreen of the end-user device) are consistent with the privacy settingsof the sender account and the recipient account.

To use the messaging application on a user device, a user may have toidentify a messaging system account associated with the messagingsystem. The biometric security mechanism uses the one or more types ofbiometric recognition processes to ensure that an operator using themessaging application matches a biometric profile associated with themessaging system account. This procedure ensures that a third party(e.g., a brother or a classmate) cannot send messages on behalf of theuser. In the case that there are multiple operators for the sameend-user device, this procedure also ensures that independent privatesessions of using the messaging application can be established based onautomatic biometric recognition. That is, even with a recipient'spermission, a message is protecting against unauthorized sharing when adetected viewer is not authorized (e.g., not recognized with respect toknown profile models or the recognized profile is not authorized)according to a message sender's permission setting.

The biometric security mechanism can provide customizable privacyshields per message or conversation. These privacy shields may becustomized by privacy settings dictated by the sender of the message orthe initiator of the conversation. The biometric security mechanism canuse the one or more types of biometric recognition processes to ensurethat the operator using the messaging application matches an authorizedbiometric profile in accordance with a privacy setting of an individualconversation or message. For example, the default privacy setting may bethat the message or conversation is revealed when a biometric profile ofthe recipient account is recognized by the biometric security mechanism.In another example, the default privacy setting may be that the messageor conversation is revealed when only the biometric profile of therecipient account is recognized without the presence of other detectedhuman beings in the proximate area of the recipient end-user device.

In some embodiments, the privacy setting can indicate a singleauthorized account or biometric profile. In some embodiments, theprivacy setting can indicate a group of authorized accounts or biometricprofiles. In some embodiments, the privacy setting can indicate anattribute of a biometric profile, such as age, gender, facial gesture,facial expression, vocal pitch, etc. The attribute can be the solevariable to authorize a person. For example, the privacy setting canindicate that any female face (e.g., in the case of facial recognition)or any female voice (e.g., in the case of speaker recognition) would beauthorized. The attribute can be an additional conditional on top of aspecific account or biometric profile. For example, a sender account(e.g., John) may send a message with a privacy setting indicating Nancyas the recipient account. In some cases, the privacy setting can add anattribute of the recipient profile being female.

The privacy shield may be implemented, for example, as a screen lock, ascrambling of the message content, a blur of the message content, ablackout of the message content, an alert being sent to the messagesender and/or the message recipient, capturing of a photograph of anoffender detected by the biometric security mechanism, or anycombination thereof. In some embodiments, the biometric securitymechanism continuously loops through the one or more types of biometricrecognition processes. In some embodiments, the biometric securitymechanism disengages the privacy shield whenever an authorized biometricprofile is recognized and detected. In some embodiments, the biometricsecurity mechanism engages the privacy shield whenever a non-authorizedbiometric profile is detected.

A sender account or a recipient account can be associated with a singleindividual or a group of individuals. In the case of a group ofindividuals, biometric profiles of every member are associated with thesender account or the recipient account.

Failsafe Scenarios

In various embodiments, the biometric security mechanism may depend onat least a biometric recognition process. However, there may bescenarios where the biometric recognition process is inaccurate,inconsistent, unavailable, irrelevant, or any combination thereof. Underthose scenarios, the biometric security mechanism may deploy at least analternative biometric recognition process or an alternative method ofauthentication (e.g., passcode-based authentication ortoken-possession-based authentication). For example, unavailability ofthe biometric recognition process may be due to a sensor malfunction, asensor being blocked, a hardware or software driver of the sensormalfunctioning, or any combination thereof. For example, the biometricrecognition process may determine that the results of its biometricprofile recognition are irrelevant because the end-user device is insidea pocket, because the end-user device is not facing an operator, orbecause the operator is determined to be driving (e.g., the location ofthe end-user device is moving rapidly beyond a threshold or the end-userdevice is accelerating beyond a threshold).

In some embodiments, the biometric recognition process can include anerror checking process. The error checking process can determine whetheror not the sensor or the driver of the sensor is returning measurementsconsistent with past history, specification, and/or otherwiseconsistent. The biometric recognition process can determine whether itis inaccurate or inconsistent based on the results of that errorchecking.

In some embodiments, the biometric security mechanism can supplement thebiometric recognition process with additional authentication data. Forexample, the biometric security mechanism can monitor motion of theend-user device using a motion sensor. Whenever the motion indicatesthat an orientation of the end-user device is changing, the privacyshield is activated to protect content of a message. This isadvantageous to prevent the recipient user to show the content of themessage to another person against the sender's permission settings.

In some embodiments, even when a message is received by a recipient userwho is validated via the biometric recognition process, a privacy shieldcan still disable/hide the message if the end-user device (e.g., a smartphone) swivels in either direction from a presumed location of thevalidated recipient user. This is advantageous because, by swiveling theend-user device, the end-user device is likely losing contact with thevalidated recipient user or a display of the end-user device is beingredirected to another. As such, the content of the message is no longersecure from the perspective of the sender.

One or more accelerometers or motion sensors can be part of thebiometric security mechanism to supplement the biometric recognitionprocess. The motion data can ensure the safety of the sender's content.For example, a combination of facial recognition with accelerometer dataprovides a double layer security to protect the content of a messagefrom the sender's perspective.

Alternative Embodiments

The disclosure above pertains to the specific example of an electronicmessaging system for delivery of text, images, audio clips, or videoclips. However, it is within the contemplation of this disclosure toimplement the biometric security mechanism to other similar systems thatincludes registration of a sender account and the receiver account. Forexample, the biometric security mechanism can apply to email, socialnetwork, dating network, event/meet up invitation, physical delivery ofgoods, enterprise messaging (e.g., financial agent to customermessaging, real estate agent to customer messaging, medical professionalmessaging, etc.), or any combination thereof. The biometric securitymechanism is advantageous in enforcing privacy setting of the sender atthe device of the recipient. This is an improvement over existingtechnology that only seeks to protect against unauthorized exposure ofcontent on behalf of the device owner but not on behalf of the sender.

The biometric security mechanism is also advantageous in preventingimpersonation attempts, such as for the purpose of cyber bullying, byverifying the identity of a message sender when composing a message.This improves the overall accountability of messaging within themessaging system. Similarly, in an enterprise environment, theauthentication in both viewing and composition of the message enhancesenterprise-level security and compliance (e.g., such as eHealthcompliance when the message content involves medical information).

The disclosure above assumes that the messaging application implementsboth the biometric security mechanism and a messaging interface (e.g.,to compose and read messages). However, it is within the contemplationof this disclosure to implement the biometric security mechanism on aseparate device or application from where the messaging interface isimplemented. For example, in the case of an enterprise email system, anemail access interface may be provided on a desktop computer while thebiometric security mechanism may be implemented on a mobile device(e.g., a smart phone). In this example, the biometric security mechanismcan require the mobile device to connect with the email access interfaceon the desktop computer. The biometric security mechanism can performthe biometric recognition process to verify that there is a secureenvironment near the desktop computer (e.g., no unauthorized user aroundand/or an authorized user is present). In response to verifying a secureenvironment, the biometric security mechanism can notify the emailaccess interface to reveal content of a message.

FIGS. 1A through 1C illustrate an example of the biometric securitymechanism that implements a facial recognition process to protect theprivacy of both a sender of a message and a recipient of the message.FIG. 1A is a diagram illustrating a messaging application of a mobiledevice revealing content of a message when a facial profile associatedwith a recipient account is recognized, in accordance with variousembodiments. FIG. 1B is a diagram illustrating a messaging applicationof a mobile device hiding content of a message when a facial profileassociated with a recipient account is not detected, in accordance withvarious embodiments. FIG. 1C is a diagram illustrating a messagingapplication of a mobile device hiding content of a message when a facialprofile associated with a recipient account is detected and a secondunauthorized facial profile is detected, in accordance with variousembodiments.

FIG. 2 is a block diagram of a system environment of a messaging system200 implementing a biometric security mechanism, in accordance withvarious embodiments.

The messaging system 200 can communicate with client devices 202 (e.g.,mobile phones, tablets, desktop computers, laptops, othernetwork-enabled devices, or any combination thereof). The messagingsystem 200 can include a messaging platform 204 (e.g., one or morecomputer servers) configured to provide a service to facilitate humanunderstandable electronic communication between user accounts. The humanunderstandable electronic communication can include emoticons, text,photos, audio clips, videos, links, images, or any combination thereof.The human understandable content of the electronic communication may bepart of an electronic message or can be referenced in the electronicmessage (e.g., stored elsewhere that is accessible through a network).

In some embodiments, each of the client devices 202 can have an instanceof a messaging interface 206 and a biometric security engine 207 runningthereon that communicates with the messaging platform 204. In someembodiments, the messaging interface 206 and the biometric securityengine 207 are part of a messaging application running and/or installedon the client device. In some embodiments, the messaging interface 206is installed and/or running on a first client device and the biometricsecurity engine 207 is install and/or running on a second client device.In these embodiments, the biometric security engine 207 on the secondclient device can control a privacy shield implemented by the messaginginterface 206.

For example, the messaging interface 206 and/or the biometric securityengine 207 can be embodied as a mobile application running on operatingsystems of some of the client devices 202. In another example, themessaging interface 206 and/or the biometric security engine 207 can beimplemented as a web-based application running on web browsers on someof the client devices 202.

The client devices 202 can be associated with user accounts. In someembodiments, a user account of the messaging system 200 can havemultiple client devices associated therewith. In some embodiments, aclient device can have multiple user accounts associated therewith.Conversations between user accounts are tracked by the messaging system200 such that the messaging system 200 can deliver an electronic messagefrom a client device of one user account to a client device of anotheruser account.

In some embodiments, the messaging system 200 can include a user profiledatabase 208. The user profile database 208 is configured to store userprofiles of one or more user accounts. The user profiles may beassociated with one or more social networking systems (e.g., anaffiliated social networking system, a social networking systemintegrated with the messaging system 200, or an external socialnetworking system) and social network profiles in the social networkingsystems.

In various embodiments, the messaging interface 206 can implement aprivacy shield. The biometric security engine 207, for example, canrecognize whether or not an authorized user is present by analyzing avideo feed from its respective client device using a facial recognitionalgorithm. The messaging platform 204 can maintain biometric profiles ofuser accounts in the user profile database 208. The messaging platform204 associates a sender account and a receiver account with everymessage (e.g., as specified by the sender account). The biometricprofiles of the sender account and the receiver account can be bothconsidered “authorized users.” One or more lists of authorized users maybe stored in an authorization database 210. The authorization database210 can also maintain one or more lists of blacklisted user accountsthat are explicitly unauthorized. In some embodiments, the senderaccount, the receiver account, or both can add additional user accountsinto the list of authorized users. In some embodiments, the senderaccount, the receiver account, or both can add one or more user accountsinto the list of “blacklisted” user accounts.

The authorization database 210 can store a list of authorized userspecific to a message conversation or specific to a user account (e.g.,specific to a sender account, a receiver account, or both). For example,for each message or a conversation sent or each message or conversationreceived, a user can add or remove one or more accounts from the list ofauthorized users or blacklisted users. For another example, a first useraccount can add a second user account as an authorized user (e.g., aspouse) or a blacklisted user (e.g., a rival friend or sibling) for allconversations that the first user account participates in. In someembodiments, e.g., as required by law, the authorization database 210can also store a list of globally authorized users.

The messaging platform 204 can communicate with the biometric securityengine 207 to secure content of messages. For example, the messagingplatform 204 can send biometric profiles (e.g., facial profiles) of theauthorized users and/or expressly unauthorized users to be verified on aclient device by the biometric security engine 207. The biometricsecurity engine 207 can monitor outputs of a sensor 214 (e.g., a camera)to detect and recognize biometric profiles. In some embodiments, themessaging platform 204 can request the biometric security engine 207 tocapture and send an image or a video of its operator to be verified onthe messaging platform 204. In those embodiments, the messaging platform204 returns the result of the verification back to the biometricsecurity engine 207.

Once the biometric security engine 207 determines that a secureenvironment is present, the biometric security engine 207 can controlthe privacy shield implemented in the messaging interface 206 to eitherreveal or hide content of a message. The privacy shield implemented bythe messaging interface 206 can reveal content of a message conversationwhen the authorized user is detected. In some embodiments, the privacyshield can hide the content in response to detecting both an authorizeduser and an unauthorized user (e.g., implicitly unauthorized orexpressly unauthorized). In some embodiments, the privacy shield canhide the content whenever an expressly unauthorized user account isdetected.

Functional components (e.g., engines, modules, and databases) associatedwith the messaging system 200 can be implemented as circuitry, firmware,software, or other functional instructions. For example, the functionalcomponents can be implemented in the form of special-purpose circuitry,in the form of one or more appropriately programmed processors, a singleboard chip, a field programmable gate array, a network-capable computingdevice, a virtual machine, a cloud computing environment, or anycombination thereof. For example, the functional components describedcan be implemented as instructions on a tangible storage memory capableof being executed by a processor or other integrated circuit chip. Thetangible storage memory may be volatile or non-volatile memory. In someembodiments, the volatile memory may be considered “non-transitory” inthe sense that it is not a transitory signal. Memory space and storagesdescribed in the figures can be implemented with the tangible storagememory as well, including volatile or non-volatile memory.

Each of the functional components may operate individually andindependently of other functional components. Some or all of thefunctional components may be executed on the same host device or onseparate devices. The separate devices can be coupled through one ormore communication channels (e.g., wireless or wired channel) tocoordinate their operations. Some or all of the functional componentsmay be combined as one component. A single functional component may bedivided into sub-components, each sub-component performing separatemethod step or method steps of the single component.

In some embodiments, at least some of the functional components shareaccess to a memory space. For example, one functional component mayaccess data accessed by or transformed by another functional component.The functional components may be considered “coupled” to one another ifthey share a physical connection or a virtual connection, directly orindirectly, allowing data accessed or modified by one functionalcomponent to be accessed in another functional component. In someembodiments, at least some of the functional components can be upgradedor modified remotely (e.g., by reconfiguring executable instructionsthat implements a portion of the functional components). The systems,engines, or devices described may include additional, fewer, ordifferent functional components for various applications.

FIG. 3A is a flow chart of a method 300 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a mobile device (e.g., one of the clientdevices 202 of FIG. 2) to register a user account on a messaging serversystem (e.g., the messaging system 200 of FIG. 2), in accordance withvarious embodiments. The method 300 can include the messagingapplication receiving an indication of intent from a user to registerthe user account in step 302. In step 304, the messaging applicationdisplays an interactive interface to engage the user to type on themobile device. In step 306, the messaging application determines thatthe user is actively typing. In step 308, the messaging applicationcaptures a facial image from a camera of the mobile device in responseto determining that the user is actively typing. In step 310, themessaging application uploads the facial image to the message serversystem to build a facial profile model that is capable of being used forfacial recognition.

FIG. 3B is a flow chart of a method 330 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a computing device (e.g., one of the clientdevices 202 of FIG. 2) to send a message, in accordance with variousembodiments. The method 330 can include step 332 of the messagingapplication determining that a messaging interface of the messagingapplication is active to compose or send a message. Then in step 334,the messaging application determines that a user account is logged invia the messaging application to a messaging server system. In step 336,the messaging application monitors a video feed from a camera of thecomputing device to detect a face utilizing a facial recognition processbased on at least a facial profile model associated with the useraccount when the messaging interface is determined to be active. In step338, in response to determining that the detected face does not matchthe facial profile model associated with the user account, the messagingapplication prevents the message from being delivered to a recipientaccount.

In some embodiments, the method 330 can further include enabling themessage to be delivered to the recipient account in response todetermining that the detected face matches the facial profile modelassociated with the user account. In some embodiments, the method 330can further include capturing an image via the camera while themessaging interface is active; and providing the image to the messageserver system to forward to a recipient device associated with therecipient account.

FIG. 3C is a flow chart of a method 370 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a computing device (one of the client devices202 of FIG. 2) to access a message, in accordance with variousembodiments. The method 370 can include the messaging applicationdetermining that a messaging interface of the messaging application isactive and revealing or about to reveal a message in step 372. In step374, the messaging application determines a recipient account for amessaging server system is associated with the message. In step 376, themessaging application monitors a video feed from a camera of thecomputing device to detect a face utilizing a facial recognition processbased on at least a facial profile model associated with the recipientaccount when the messaging interface is determined to be active. In step378, the messaging application activates a privacy shield to preventcontent of the message from being revealed, in response to determiningthat the detected face does not match the facial profile modelassociated with the recipient account.

In some embodiments, step 376 includes performing the facial recognitionprocess in accordance with a cyclic schedule while the messaginginterface is active. In some embodiments, step 378 includes detectingtwo or more faces and step 378 includes activating the privacy shieldwhen one of the detected faces matches the recipient account.

In some embodiments, the method 370 can further comprise: gatheringmotion data from a sensor in the computing device; determining whether adisplay of the computing device showing the messaging interface ischanging orientation; and, in response to determining that the displayis changing orientation, activating the privacy shield. In someembodiments, the recipient account is indicated per message or perconversation.

In some embodiments, the method 370 can further comprise: determiningwhether the facial recognition process is inaccurate, inconsistent,unavailable, irrelevant, or any combination thereof; and, in response todetermining that the facial recognition process is inaccurate,inconsistent, unavailable, irrelevant, or any combination thereof,performing an alternative biometric recognition process to verifypresence of the recipient account. For example, the alternativebiometric recognition process can include ear recognition, speakerrecognition, tactile contact recognition, motion pattern recognition, orany combination thereof.

In some embodiments, step 376 includes performing the facial recognitionprocess against facial profile models associated with an externaldatabase. For example, the external database can be a criminal database,sexual predictor database, missing person database, amber alertdatabase, medical database, legal compliance-related database, or anycombination thereof.

While processes or methods are presented in a given order, alternativeembodiments may perform routines having steps, or employ systems havingblocks, in a different order, and some processes or blocks may bedeleted, moved, added, subdivided, combined, and/or modified to providealternative or subcombinations. Each of these processes or blocks may beimplemented in a variety of different ways. In addition, while processesor blocks are at times shown as being performed in series, theseprocesses or blocks may instead be performed in parallel, or may beperformed at different times.

FIG. 4 is a block diagram of an example of a computing device 400, whichmay represent one or more computing device or server described herein,in accordance with various embodiments. The computing device 400 can beone or more computing devices that implement the messaging system 200 ofFIG. 2 or methods and processes described in this disclosure. Thecomputing device 400 includes one or more processors 410 and memory 420coupled to an interconnect 430. The interconnect 430 shown in FIG. 4 isan abstraction that represents any one or more separate physical buses,point-to-point connections, or both connected by appropriate bridges,adapters, or controllers. The interconnect 430, therefore, may include,for example, a system bus, a Peripheral Component Interconnect (PCI) busor PCI-Express bus, a HyperTransport or industry standard architecture(ISA) bus, a small computer system interface (SCSI) bus, a universalserial bus (USB), IIC (I2C) bus, or an Institute of Electrical andElectronics Engineers (IEEE) standard 1494 bus, also called “Firewire”.

The processor(s) 410 is/are the central processing unit (CPU) of thecomputing device 400 and thus controls the overall operation of thecomputing device 400. In certain embodiments, the processor(s) 410accomplishes this by executing software or firmware stored in memory420. The processor(s) 410 may be, or may include, one or moreprogrammable general-purpose or special-purpose microprocessors, digitalsignal processors (DSPs), programmable controllers, application specificintegrated circuits (ASICs), programmable logic devices (PLDs), trustedplatform modules (TPMs), or the like, or a combination of such devices.

The memory 420 is or includes the main memory of the computing device400. The memory 420 represents any form of random access memory (RAM),read-only memory (ROM), flash memory, or the like, or a combination ofsuch devices. In use, the memory 420 may contain a code 470 containinginstructions according to the mesh connection system disclosed herein.

Also connected to the processor(s) 410 through the interconnect 430 area network adapter 440 and a storage adapter 450. The network adapter 440provides the computing device 400 with the ability to communicate withremote devices, over a network and may be, for example, an Ethernetadapter or Fibre Channel adapter. The network adapter 440 may alsoprovide the computing device 400 with the ability to communicate withother computers. The storage adapter 450 enables the computing device400 to access a persistent storage, and may be, for example, a FibreChannel adapter or SCSI adapter.

The code 470 stored in memory 420 may be implemented as software and/orfirmware to program the processor(s) 410 to carry out actions describedabove. In certain embodiments, such software or firmware may beinitially provided to the computing device 400 by downloading it from aremote system through the computing device 400 (e.g., via networkadapter 440).

The techniques introduced herein can be implemented by, for example,programmable circuitry (e.g., one or more microprocessors) programmedwith software and/or firmware, or entirely in special-purpose hardwiredcircuitry, or in a combination of such forms. Special-purpose hardwiredcircuitry may be in the form of, for example, one or moreapplication-specific integrated circuits (ASICs), programmable logicdevices (PLDs), field-programmable gate arrays (FPGAs), etc.

Software or firmware for use in implementing the techniques introducedhere may be stored on a machine-readable storage medium and may beexecuted by one or more general-purpose or special-purpose programmablemicroprocessors. A “machine-readable storage medium,” as the term isused herein, includes any mechanism that can store information in a formaccessible by a machine (a machine may be, for example, a computer,network device, cellular phone, personal digital assistant (PDA),manufacturing tool, any device with one or more processors, etc.). Forexample, a machine-accessible storage medium includesrecordable/non-recordable media (e.g., read-only memory (ROM); randomaccess memory (RAM); magnetic disk storage media; optical storage media;flash memory devices; etc.), etc.

The term “logic,” as used herein, can include, for example, programmablecircuitry programmed with specific software and/or firmware,special-purpose hardwired circuitry, or a combination thereof.

Some embodiments of the disclosure have other aspects, elements,features, and steps in addition to or in place of what is describedabove. These potential additions and replacements are describedthroughout the rest of the specification. For example, some embodimentsinclude a computer-implemented method of operating a messagingapplication on a computing device to access an electronic message. Thecomputer-implemented method can include the messaging applicationdetermining that a messaging interface of the computing device is activeand is revealing or about to reveal the electronic message. Themessaging application can identify a recipient account of a messagingserver system that is associated with the electronic message accordingto the electronic message or the messaging server system. The messagingapplication can monitor a data feed (e.g., video feed) from a camera ofthe computing device to detect a biometric pattern (e.g., one or morefacial features) that matches against a biometric profile model (e.g., afacial profile model) associated with the recipient account utilizing abiometric recognition process (e.g., a facial recognition process), whenthe messaging interface is determined to be active. In response todetermining that the detected biometric pattern does not match thebiometric profile model associated with the recipient account, themessaging application can activate a privacy shield to prevent contentof the electronic message from being revealed. In some embodiments, therecipient account is indicated per message. In some embodiments, theconversing accounts are indicated in every conversation.

In some embodiments, the messaging application can receive the biometricprofile model from the messaging server system. In some embodiments, themessaging server system can encrypt the biometric profile model prior tosending it to the messaging application. In some embodiments, whenmonitoring the video feed, the messaging application can also update thebiometric profile model while the messaging interface is active and thedetected biometric pattern is confirmed to be associated with therecipient account.

In some embodiments, the messaging application, when monitoring the datafeed, can perform the biometric recognition process in accordance with acyclic schedule while the messaging interface is active. In someembodiments, the messaging application, when monitoring the data feed,can detect two or more faces. In these embodiments, the messagingapplication can activate the privacy shield when one of the detectedfaces matches the recipient account.

In some embodiments, the messaging application gathers motion data froma sensor in the computing device. The messaging application candetermine whether a display of the computing device showing themessaging interface is changing orientation. In response to determiningthat the display is changing orientation, the messaging application canactivate the privacy shield.

In some embodiments, the messaging application can determine whether thebiometric recognition process is inaccurate, inconsistent, unavailable,irrelevant, or any combination thereof. In response to determining thatthe biometric recognition process is inaccurate, inconsistent,unavailable, irrelevant, or any combination thereof, the messagingapplication can perform an alternative biometric recognition process toverify presence of the recipient account. For example, the alternativebiometric recognition process can include ear recognition, speakerrecognition, tactile contact recognition, motion pattern recognition, orany combination thereof.

In some embodiments, when performing the biometric recognition process,the biometric pattern is compared against one or more biometric profilemodels. For example, the biometric profile models can be stored in thecomputing device. For another example, the biometric profile models canbe stored in an external database (e.g., in the messaging serversystem). In some embodiments, the external database can be a criminaldatabase, sexual predictor database, missing person database, amberalert database, medical database, legal compliance-related database, orany combination thereof.

Some embodiments a manufactured data storage apparatus comprisingcomputer-executable instructions. The computer-executable instructionscan include instructions for determining that a messaging interface ofthe messaging application is active to compose or send the electronicmessage; instructions for determining that a user account is logged invia the messaging application to a messaging server system; instructionsfor monitoring a video feed from a camera of the computing device todetect a face utilizing a facial recognition process based on at least afacial profile model associated with the user account when the messaginginterface is determined to be active; and instructions for in responseto determining that the detected face does not match the facial profilemodel associated with the user account, preventing the electronicmessage from being delivered to a recipient account. Thecomputer-executable instructions can further include instructions for,in response to determining that the detected face matches the facialprofile model associated with the user account, enabling the electronicmessage to be delivered to the recipient account. Thecomputer-executable instructions can further include instructions forcapturing an image via the camera while the messaging interface isactive; and instructions for providing the image to the message serversystem to forward to a recipient device associated with the recipientaccount.

Some embodiments include a computer server. The computer server caninclude a processor and a memory apparatus storing executableinstructions to implement a messaging platform when executed by theprocessor. The messaging platform can be configured to receive anelectronic message from a first user account logged in from a first userdevice, wherein the electronic device is destined to a second useraccount; identify a second user device associated with the second useraccount; determine a permission setting for the electronic messageaccording to security setting provided by the first user account,wherein the permission setting identifies a biometric profile modelassociated with the second user account; and provide the electronicmessage and the permission setting to a messaging application executedon the second user device to cause the messaging application to enforcea biometric security mechanism based on the biometric profile modelidentified by the permission setting. The messaging platform can befurther configured to encrypt the biometric profile model and push thebiometric profile model to the second user device. In some embodiments,the messaging platform is configured to register the second user accountvia the second user device prior to receiving the electronic message andwherein the messaging platform is configured to record one or morebiometric patterns observed via a sensor of the second user device tobuild or update the biometric profile model.

Some embodiments include a computer-implemented method of operating amessaging application on a mobile device to register a user account on amessaging server system. The method can include the messagingapplication receiving an indication of intent from a user to registerthe user account; displaying an interactive interface to engage the userto type on the mobile device; determining that the user is activelytyping; in response to determining that the user is actively typing,capturing a facial image from a camera of the mobile device; anduploading the facial image to the message server system to build abiometric profile model that is capable of being used for facialrecognition.

What is claimed is:
 1. A computer-implemented method of operating amessaging application, comprising: receiving, by a first mobile computerdevice associated with a sender, a sensor feed of the sender, whereinthe sensor feed is a data feed of at least one sensor of the firstmobile computer device associated with the sender; determining that thesensor feed matches a biometric profile associated with the sender;receiving, from a sender at a messaging interface of the first mobilecomputer device, an electronic message including an electronic contentand a designated receiver set by the sender; subsequent to determiningthat the sensor feed matches the biometric profile associated with thesender, transmitting, to a second mobile computer device associated withthe designated receiver, the electronic message, wherein the secondmobile computer device has a generated associated biometric profilemodel for the designated receiver and is configured to: obscure theelectronic content on the messaging interface upon detecting via asensor feed of the second mobile computer device an alternate biometricpattern not matching biometric profile model for the designated receiverof the electronic message; and display the electronic content of theelectronic message upon verifying a biometric pattern received by asensor feed of at least one sensor of the second mobile computer devicematches the biometric profile model for the designated receiver.
 2. Thecomputer-implemented method of claim 1, wherein the biometric profile isa facial profile model, wherein the biometric pattern includes one ormore features of a facial image, and wherein the biometric profile modelis a facial profile model.
 3. The computer-implemented method of claim 1further comprising monitoring the sensor feed of the at least one sensorof the first mobile computer device associated with the sender.
 4. Thecomputer-implemented method of claim 3, where in the second mobilecomputer device is further configured to: monitoring the sensor feed ofthe second mobile computer device; detecting more than one individualvia the sensor feed; and obscuring the display of the second mobilecomputer device upon detecting more than one individual.
 5. Thecomputer-implemented method of claim 1 further comprising: receiving,from the sender, a plurality of designated receivers; and transmitting,to a plurality of receiver mobile computer devices corresponding to theplurality of designated receivers the electronic message, wherein eachof the plurality of receiver mobile computer devices has a generatedassociated receiver biometric profile model for the correspondingdesignated receiver and is configured to: obscure the electronic contenton the messaging interface upon detecting via a sensor feed of thereceiver mobile computer device of the plurality of receiver mobilecomputer devices an alternate biometric pattern not matching thereceiver biometric profile model for the designated receiver of theelectronic message; and display the electronic content of the electronicmessage upon verifying a biometric pattern received by a sensor feed ofat least one sensor of the receiver mobile computer device matches thereceiver biometric profile model for the designated receiver of theelectronic message.
 6. At least one non-transitory computer-readablestorage media having computer-executable instructions embodied thereon,wherein when executed by at least one processor in communication with atleast one memory device, the computer-executable instructions cause theprocessor to: receive a sensor feed of a sender, wherein the sensor feedis a data feed of at least one sensor of a first mobile computer deviceassociated with the sender; determine that the sensor feed matches abiometric profile associated with the sender; receive, from a sender ata messaging interface of the first mobile computer device, an electronicmessage including an electronic content and a designated receiver set bythe sender; subsequent to determining that the sensor feed matches thebiometric profile associated with the sender, transmit, to a secondmobile computer device associated with the designated receiver, theelectronic message, wherein the second mobile computer device has agenerated associated biometric profile model for the designated receiverand includes computer-executable instructions that cause at least oneprocessor associated with the second mobile computer device to: obscurethe electronic content on the messaging interface upon detecting via asensor feed of the second mobile computer device an alternate biometricpattern not matching biometric profile model for the designated receiverof the electronic message; and display the electronic content of theelectronic message upon verifying a biometric pattern received by asensor feed of at least one sensor of the second mobile computer devicematches the biometric profile model for the designated receiver.
 7. Theat least one non-transitory computer-readable storage media of claim 6,wherein the biometric profile is a facial profile model, wherein thebiometric pattern includes one or more features of a facial image, andwherein the biometric profile model is a facial profile model.
 8. Amessaging system comprising: a first mobile messaging computer deviceassociated with a first authorized user and having a first biometricprofile associated with the first authorized user; and a second mobilemessaging computer device associated with a second authorized user andhaving a second biometric profile associated with the second authorizeduser, wherein said first mobile messaging computer device is configuredto: receive a sensor feed of the first authorized user, wherein thesensor feed is a data feed of at least one sensor of the first mobilemessaging computer device; determine that the sensor feed matches thefirst biometric profile; receive, from the first authorized user at amessaging interface of the first mobile messaging computer device, anelectronic message including an electronic content and a designatedreceiver set by the first authorized user, wherein the designatedreceiver is the second authorized user; and subsequent to determiningthat the sensor feed matches the first biometric profile, transmit, tothe second mobile messaging computer device, the electronic message; andwherein the second mobile messaging computer device is configured to:obscure the electronic content on a messaging interface upon detectingvia the sensor feed of the second mobile messaging computer device analternate biometric pattern not matching the second biometric profile;and display the electronic content of the electronic message uponverifying a biometric pattern received by a sensor feed of at least onesensor of the second mobile messaging computer device matches the secondbiometric profile.
 9. The messaging system of claim 8, wherein the firstbiometric profile and the second biometric profile are facial profilemodels of the first authorized user and the second authorized userrespectively, and wherein the biometric pattern includes one or morefeatures of a facial image.
 10. The messaging system of claim 8, wherein the second mobile messaging computer device is further configured to:monitor the sensor feed of the second mobile messaging computer device;detect more than one individual via the sensor feed; and obscure thedisplay of the second mobile messaging computer device upon detectingmore than one individual.
 11. The messaging system of claim 8, whereinthe first mobile messaging computer device is further configured to:receive, from the sender first authorized user, a plurality ofdesignated receivers; and transmit, to a plurality of receiver mobilecomputer devices corresponding to the plurality of designated receiversthe electronic message, wherein each of the plurality of receiver mobilecomputer devices has a generated associated receiver biometric profilemodel for the corresponding designated receiver.
 12. At least onenon-transitory computer-readable storage media havingcomputer-executable instructions embodied thereon, wherein when executedby a first processor and a second processor, the computer-executableinstructions cause the first processor to: store a first biometricprofile of a first authorized user; receive a sensor feed of the firstauthorized user, wherein the sensor feed is a data feed of at least onesensor of a first mobile messaging computer device; determine that thesensor feed matches the first biometric profile; receive, from the firstauthorized user at a messaging interface, an electronic messageincluding an electronic content and a designated receiver set by thefirst authorized user, wherein the designated receiver is a secondauthorized user; and subsequent to determining that the sensor feedmatches the first biometric profile, transmit, to a second mobilemessaging computer device, the electronic message; and wherein thecomputer-executable instructions cause the second processor to: obscurethe electronic content on a messaging interface upon detecting via asensor feed of the second mobile messaging computer device an alternatebiometric pattern not matching a second biometric profile associatedwith the second authorized user; and display the electronic content ofthe electronic message upon verifying a biometric pattern received by asensor feed of at least one sensor of the second mobile messagingcomputer device matches the second biometric profile associated with thesecond authorized user.
 13. The at least one non-transitorycomputer-readable storage media of claim 12, wherein the first biometricprofile and the second biometric profile are facial profile models ofthe first authorized user and the second authorized user respectively,and wherein the biometric pattern includes one or more features of afacial image.
 14. A mobile computer device comprising: at least onememory device storing a facial recognition biometric profile model of anauthorized user; at least one camera sensor for capturing a sensor feed;a display for displaying a messaging interface; and at least oneprocessor, wherein said at least one processor is in communication withsaid at least one memory device, said at least one camera sensor, andsaid display, wherein said at least one processor programmed to:receive, from a sender mobile computer device, an electronic message forthe authorized user, wherein the electronic message includes anelectronic content; obscure the electronic content on the messaginginterface upon detecting, via the sensor feed, a biometric pattern notmatching the authorized user; display the electronic content of theelectronic message upon verifying a biometric pattern received by thesensor feed matches the facial recognition biometric profile modelassociated with the authorized user; receive a response message from theauthorized user; and transmit the response message to the sender mobilecomputer device.
 15. The mobile computer device of claim 14, wherein theat least one processor is further programmed to: monitor the sensorfeed; detect more than one individual via the sensor feed; and obscurethe display upon detecting more than one individual.
 16. The mobilecomputer device of claim 14, wherein the at least one processor isfurther programmed to: receive, from the authorized user, a plurality ofdesignated receivers including an authorized user of the sender mobilecomputer device; and transmitting, to a plurality of receiver mobilecomputer devices corresponding to the plurality of designated receiversthe electronic message, wherein each of the plurality of mobile receivercomputer devices has a generated associated receiver biometric profilemodel for the corresponding designated receiver.
 17. The mobile computerdevice of claim 16, wherein each receiver mobile computer device of theplurality of receiver mobile computer devices is configured to: obscurethe electronic content on the messaging interface upon detecting via asensor feed of the receiver mobile computer device of the plurality ofreceiver mobile computer devices an alternate biometric pattern notmatching the receiver biometric profile model for the designatedreceiver of the electronic message; and display the electronic contentof the electronic message upon verifying a biometric pattern received bya sensor feed of at least one sensor of the receiver mobile computerdevice matches the receiver biometric profile model for the designatedreceiver of the electronic message.
 18. At least one non-transitorycomputer-readable storage media having computer-executable instructionsembodied thereon, wherein when executed by at least one processor incommunication with at least one memory device, the computer-executableinstructions cause the processor to: store a facial recognitionbiometric profile model of an authorized user; receive, from a sendermobile computer device, an electronic message for the authorized user,wherein the electronic message includes an electronic content; obscurethe electronic content on a messaging interface upon detecting, via asensor feed, a biometric pattern not matching the authorized user;display the electronic content of the electronic message upon verifyinga biometric pattern received by the sensor feed matches the facialrecognition biometric profile model associated with the authorized user;receive a response message from the authorized user; and transmit theresponse message to the sender mobile computer device.
 19. The method ofclaim 1, wherein the first mobile computer device is a smartphone,wherein the second mobile computer device is a smartphone, and whereinthe electronic message is a multimedia messaging service (MMS) message.20. The messaging system of claim 8, wherein the first mobile messagingcomputer device is a smartphone, wherein the second mobile messagingcomputer device is a smartphone, and wherein the electronic message is amultimedia messaging service (MMS) message.